From 22d22556640fce10c47a2659bc40eb78a15a1096 Mon Sep 17 00:00:00 2001 From: Nanne Baars Date: Fri, 13 May 2016 15:42:48 +0200 Subject: [PATCH] Made lesson resolution with Thymeleaf dynamic --- .../org/owasp/webgoat/LessonEndpointProvider.java | 8 +++++--- .../org/owasp/webgoat/LessonTemplateResolver.java | 4 +++- .../src/main/java/org/owasp/webgoat/WebGoat.java | 14 ++++++++++---- .../java/org/owasp/webgoat/plugins/Plugin.java | 2 +- .../org/owasp/webgoat/plugins/PluginsLoader.java | 8 +++----- .../main/resources/templates/lesson_content.html | 2 +- 6 files changed, 23 insertions(+), 15 deletions(-) diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/LessonEndpointProvider.java b/webgoat-container/src/main/java/org/owasp/webgoat/LessonEndpointProvider.java index b449c52cf..f0c7354bb 100644 --- a/webgoat-container/src/main/java/org/owasp/webgoat/LessonEndpointProvider.java +++ b/webgoat-container/src/main/java/org/owasp/webgoat/LessonEndpointProvider.java @@ -1,7 +1,7 @@ package org.owasp.webgoat; import org.owasp.webgoat.lessons.LessonEndpointMapping; -import org.owasp.webgoat.plugins.PluginsLoader; +import org.owasp.webgoat.plugins.PluginClassLoader; import org.springframework.beans.factory.BeanFactory; import org.springframework.beans.factory.ListableBeanFactory; import org.springframework.beans.factory.config.ConfigurableBeanFactory; @@ -30,23 +30,25 @@ public class LessonEndpointProvider { private final String pluginBasePackage; private final ApplicationContext parentContext; + private final PluginClassLoader classLoader; private ListableBeanFactory context; private DefaultListableBeanFactory providedBeans; private BeanFactory beanFactory; - public LessonEndpointProvider(String pluginBasePackage, ApplicationContext parentContext, BeanFactory beanFactory) { + public LessonEndpointProvider(String pluginBasePackage, ApplicationContext parentContext, BeanFactory beanFactory, PluginClassLoader cl) { this.pluginBasePackage = pluginBasePackage; this.parentContext = parentContext; this.providedBeans = new DefaultListableBeanFactory(this.parentContext.getParentBeanFactory()); this.beanFactory = beanFactory; + this.classLoader = cl; } public void registerEndpoints() { if (context == null) { AnnotationConfigApplicationContext context = new AnnotationConfigApplicationContext(); context.setParent(parentContext); - context.setClassLoader(PluginsLoader.classLoader); + context.setClassLoader(classLoader); ClassPathBeanDefinitionScanner scanner = new ClassPathBeanDefinitionScanner(context, false); scanner.addIncludeFilter(new AnnotationTypeFilter(LessonEndpointMapping.class)); diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/LessonTemplateResolver.java b/webgoat-container/src/main/java/org/owasp/webgoat/LessonTemplateResolver.java index a00cc25e0..c00c9e062 100644 --- a/webgoat-container/src/main/java/org/owasp/webgoat/LessonTemplateResolver.java +++ b/webgoat-container/src/main/java/org/owasp/webgoat/LessonTemplateResolver.java @@ -33,6 +33,7 @@ public class LessonTemplateResolver extends TemplateResolver { @Override protected String computeResourceName(TemplateProcessingParameters params) { String templateName = params.getTemplateName(); + return templateName.substring(PREFIX.length()); } @@ -46,7 +47,8 @@ public class LessonTemplateResolver extends TemplateResolver { try { return new ByteArrayInputStream(Files.toByteArray(lesson)); } catch (IOException e) { - e.printStackTrace(); + //no html yet + return new ByteArrayInputStream(new byte[0]); } } return null; diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/WebGoat.java b/webgoat-container/src/main/java/org/owasp/webgoat/WebGoat.java index 8fd0a9704..acc7484b2 100644 --- a/webgoat-container/src/main/java/org/owasp/webgoat/WebGoat.java +++ b/webgoat-container/src/main/java/org/owasp/webgoat/WebGoat.java @@ -1,5 +1,6 @@ package org.owasp.webgoat; +import org.owasp.webgoat.plugins.PluginClassLoader; import org.owasp.webgoat.plugins.PluginsLoader; import org.owasp.webgoat.session.Course; import org.owasp.webgoat.session.WebSession; @@ -41,8 +42,13 @@ public class WebGoat extends SpringBootServletInitializer { } @Bean - public PluginsLoader pluginsLoader(@Qualifier("pluginTargetDirectory") File pluginTargetDirectory) { - return new PluginsLoader(pluginTargetDirectory); + public PluginClassLoader pluginClassLoader() { + return new PluginClassLoader(PluginClassLoader.class.getClassLoader()); + } + + @Bean + public PluginsLoader pluginsLoader(@Qualifier("pluginTargetDirectory") File pluginTargetDirectory, PluginClassLoader classLoader) { + return new PluginsLoader(pluginTargetDirectory, classLoader); } @Bean @@ -52,8 +58,8 @@ public class WebGoat extends SpringBootServletInitializer { } @Bean - public LessonEndpointProvider lessonEndpointProvider(ApplicationContext applicationContext, BeanFactory factory) { - LessonEndpointProvider lessonEndpointProvider = new LessonEndpointProvider("org.owasp.webgoat", applicationContext, factory); + public LessonEndpointProvider lessonEndpointProvider(ApplicationContext applicationContext, BeanFactory factory, PluginClassLoader cl) { + LessonEndpointProvider lessonEndpointProvider = new LessonEndpointProvider("org.owasp.webgoat", applicationContext, factory, cl); return lessonEndpointProvider; } diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/plugins/Plugin.java b/webgoat-container/src/main/java/org/owasp/webgoat/plugins/Plugin.java index 5338c87a3..3880d05df 100644 --- a/webgoat-container/src/main/java/org/owasp/webgoat/plugins/Plugin.java +++ b/webgoat-container/src/main/java/org/owasp/webgoat/plugins/Plugin.java @@ -29,8 +29,8 @@ public class Plugin { private static final String NAME_LESSON_SOLUTION_DIRECTORY = "lessonSolutions"; private static final String NAME_LESSON_PLANS_DIRECTORY = "lessonPlans"; - public static PluginClassLoader classLoader; + private PluginClassLoader classLoader; private Class lesson; private Map solutionLanguageFiles = new HashMap<>(); private Map lessonPlansLanguageFiles = new HashMap<>(); diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/plugins/PluginsLoader.java b/webgoat-container/src/main/java/org/owasp/webgoat/plugins/PluginsLoader.java index 38c0771c4..6e9f854f0 100644 --- a/webgoat-container/src/main/java/org/owasp/webgoat/plugins/PluginsLoader.java +++ b/webgoat-container/src/main/java/org/owasp/webgoat/plugins/PluginsLoader.java @@ -6,7 +6,6 @@ import org.owasp.webgoat.util.LabelProvider; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Component; import org.springframework.util.ResourceUtils; import java.io.File; @@ -37,18 +36,17 @@ import java.util.zip.ZipEntry; * @author dm * @version $Id: $Id */ -@Component public class PluginsLoader { private static final String WEBGOAT_PLUGIN_EXTENSION = "jar"; private static final int BUFFER_SIZE = 32 * 1024; private final Logger logger = LoggerFactory.getLogger(this.getClass()); private final File pluginTargetDirectory; - public static PluginClassLoader classLoader = new PluginClassLoader(PluginClassLoader.class.getClassLoader()); - + private final PluginClassLoader classLoader; @Autowired - public PluginsLoader(File pluginTargetDirectory) { + public PluginsLoader(File pluginTargetDirectory, PluginClassLoader pluginClassLoader) { + this.classLoader = pluginClassLoader; this.pluginTargetDirectory = pluginTargetDirectory; } diff --git a/webgoat-container/src/main/resources/templates/lesson_content.html b/webgoat-container/src/main/resources/templates/lesson_content.html index f377191dd..7388f328e 100644 --- a/webgoat-container/src/main/resources/templates/lesson_content.html +++ b/webgoat-container/src/main/resources/templates/lesson_content.html @@ -7,6 +7,6 @@

-
+